//
// GET : /account/maininfo/{accountName}
// GET: /account/maininfo/name={accountName}
// GET: /account/maininfo/id={accountId}
public ActionResult MainInfo(string accountName, Guid? accountId)
{
Answer output;
try
{
if (accountId == null && accountName == null)
{
output = new Answer(new Error("Account missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var realId = accountId ?? Storage.Account.GetId(accountName);
// get the informations of the given account
var accountInfo = Storage.Account.GetInfo(realId);
var accountToReturn = new Account(realId, accountInfo.Name, accountInfo.Description);
output = new Answer(accountToReturn);
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET: /account/messages/{accountName}/{number}
// GET: /account/messages/name={accountName}/{number}
// GET: /account/messages/id={accountId}/{number}
public ActionResult Messages(string accountName, Guid? accountId, int number)
{
Answer output;
try
{
if (accountId == null && accountName == null)
{
output = new Answer(new Error("Account missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var realId = accountId ?? Storage.Account.GetId(accountName);
// get lasts messages from account accoutName
var personalListId = Storage.List.GetPersonalList(realId);
var listMsgs = Storage.Msg.GetListsMsgTo(new HashSet<Guid> {personalListId}, DateTime.Now, number);
// convert, looking forward XML serialization
var listMsgsOutput = new Messages(listMsgs, Storage);
output = new Answer(listMsgsOutput);
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
public ActionResult Create()
{
Answer output;
try
{
var listCreation =
(Create)(new XmlSerializer(typeof(Create))).Deserialize(Request.InputStream);
if (listCreation.AccountId == null && listCreation.AccountName == null)
{
output = new Answer(new Error("AccountId or AccountName missing"));
Response.StatusCode = 400; // Bad Request
}
else if (listCreation.ListInfo == null)
{
output = new Answer(new Error("ListInfo missing"));
Response.StatusCode = 400; // Bad Request
}
else if (listCreation.ListInfo.Name == null)
{
output = new Answer(new Error("Name missing"));
Response.StatusCode = 400; // Bad Request
}
else if (listCreation.ListInfo.Description == null)
{
output = new Answer(new Error("Description missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var accountId = listCreation.AccountId ?? Storage.Account.GetId(listCreation.AccountName);
// Check if the user is authenticated and has rights
var authentication = Authorized(accountId);
if (authentication.HasRights)
{
var listToCreate = listCreation.ListInfo;
var listId = Storage.List.Create(accountId, listToCreate.Name, listToCreate.Description,
listToCreate.IsPrivate);
// Result is an empty error XML element
output = new Answer(new NewObject(listId));
}
else
output = new Answer(new Error(authentication.ErrorMessage()));
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
public ActionResult GenerateKey()
{
Answer output;
try
{
var idParameters = (Identity)(new XmlSerializer(typeof(Identity))).Deserialize(Request.InputStream);
if (idParameters.UserId == null && idParameters.UserLogin == null)
{
output = new Answer(new Error("User missing"));
Response.StatusCode = 400; // Bad Request
}
else if (idParameters.Password == null)
{
output = new Answer(new Error("Password missing"));
Response.StatusCode = 400; // Bad Request
}
else if (idParameters.ApplicationName == null)
{
output = new Answer(new Error("ApplicationName missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var userId = idParameters.UserId ?? Storage.User.GetId(idParameters.UserLogin);
// We catch the real password to verify if both are the same
var hashedPassword = Storage.User.GetPassword(userId);
var otherHash = PasswordAuth.HashPassword(idParameters.Password);
// If both passwords are the same, we can generate the key
if (hashedPassword.SequenceEqual(otherHash))
{
var key = Storage.User.GenerateApiKey(userId, idParameters.ApplicationName);
// We set a cookie but we also return the key in the response body
Response.SetCookie(new HttpCookie("key=" + key));
output = new Answer(new NewObject(key));
}
else
output = new Answer(new Error("Authentication failed"));
}
}
catch (UserNotFound)
{
output = new Answer(new Error("Authentication failed")); // Not a 404 error then
}
catch (Exception exception)
{
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
public ActionResult Copy()
{
Answer output;
try
{
var msg = (CopyMsg)(new XmlSerializer(typeof(CopyMsg))).Deserialize(Request.InputStream);
if (msg.AccountId == null && msg.AccountName == null)
{
output = new Answer(new Error("AccountId or AccountName missing"));
Response.StatusCode = 400; // Bad Request
}
else if (msg.MessageId == null)
{
output = new Answer(new Error("MessageId missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var accountId = msg.AccountId ?? Storage.Account.GetId(msg.AccountName);
// Check if the user is authenticated and has rights
var authentication = Authorized(accountId);
if (authentication.HasRights)
{
var msgId = Storage.Msg.Copy(accountId, msg.MessageId.GetValueOrDefault());
//Result
output = new Answer(new NewObject(msgId));
}
else
output = new Answer(new Error(authentication.ErrorMessage()));
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET : /account/ownedlists/{accountName}/{number}
// GET: /account/ownedlists/name={accountName}/{number}
// GET: /account/ownedlists/id={accountId}/{number}
public ActionResult OwnedLists(string accountName, Guid? accountId, int number)
{
Answer output;
try
{
if (accountId == null && accountName == null)
{
output = new Answer(new Error("Account missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var realId = accountId ?? Storage.Account.GetId(accountName);
// we check if the user is authenticated and authorized to know whether to show private lists
var authentication = Authorized(realId);
if (authentication.Failed)
output = new Answer(new Error(authentication.ErrorMessage()));
else
{
// get the public lists owned by the given account
var ownedLists = Storage.List.GetAccountOwnedLists(realId, authentication.HasRights);
// Get as many subscriptions as possible (maximum: numberOfSubscriptions)
var size = Math.Min(ownedLists.Count, number);
var listsToReturn = ListsFromGuidCollection(ownedLists, size, Storage);
output = new Answer(listsToReturn);
}
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET: /account/taggedmessages/{accountName}/{number}
// GET: /account/taggedmessages/name={accountName}/{number}
// GET: /account/taggedmessages/id={accountId}/{number}
public ActionResult TaggedMessages(string accountName, Guid? accountId, int number)
{
Answer output;
try
{
if (accountId == null && accountName == null)
{
output = new Answer(new Error("Account missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var realId = accountId ?? Storage.Account.GetId(accountName);
// check if the user is authenticated and has rights
var authentication = Authorized(realId);
if (authentication.HasRights)
{
// get lasts messages from user name
var listMsgs = Storage.Msg.GetTaggedTo(realId, DateTime.Now, number);
// convert, looking forward XML serialization
var listMsgsOutput = new Messages(listMsgs, Storage);
output = new Answer(listMsgsOutput);
}
else
output = new Answer(new Error(authentication.ErrorMessage()));
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET : /account/subscriberlists/{accountName}/{number}
// GET: /account/subscriberlists/name={accountName}/{number}
// GET: /account/subscriberlists/id={accountId}/{number}
public ActionResult SubscriberLists(string accountName, Guid? accountId, int number)
{
Answer output;
try
{
if (accountId == null && accountName == null)
{
output = new Answer(new Error("Account missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
var realId = accountId ?? Storage.Account.GetId(accountName);
// get lasts followers of user name 's list
var followingLists = Storage.List.GetFollowingLists(realId);
// Get as many subscribers as possible (maximum: number)
var size = Math.Min(followingLists.Count, number);
var accountListToReturn = AccountsFromGuidCollection(followingLists, size, Storage);
output = new Answer(accountListToReturn);
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
public ActionResult Write()
{
Answer output;
try
{
var msg = (MsgToWrite)(new XmlSerializer(typeof(MsgToWrite))).Deserialize(Request.InputStream);
if (msg.AccountId == null && msg.AccountName == null)
{
output = new Answer(new Error("AccountId or AccountName missing"));
Response.StatusCode = 400; // Bad Request
}
else if (msg.Message == null)
{
output = new Answer(new Error("Message missing"));
Response.StatusCode = 400; // Bad Request
}
else if (msg.Message.Length > 140)
{
output = new Answer(new Error("Message must not exceed 140 characters"));
Response.StatusCode = 403; // Forbidden
}
else
{
var accountId = msg.AccountId ?? Storage.Account.GetId(msg.AccountName);
// Check if the user is authenticated and has rights
var authentication = Authorized(accountId);
if (authentication.HasRights)
{
var msgId = Storage.Msg.Post(accountId, msg.Message);
// Result
output = new Answer(new NewObject(msgId));
}
else
output = new Answer(new Error(authentication.ErrorMessage()));
}
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
protected ContentResult Serialize(Answer output)
{
// a stream is needed for serialization
var stream = new MemoryStream();
(new XmlSerializer(typeof(Answer))).Serialize(stream, output);
stream.Position = 0;
return Content((new StreamReader(stream)).ReadToEnd());
}
//
// GET : /list/subscriptions/{idOfList}/{number}
public ActionResult Subscriptions(Guid? idOfList, int number)
{
Answer output;
try
{
if (idOfList == null)
{
output = new Answer(new Error("List id missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
// get accounts followed by the given list
var followedAccounts = Storage.List.GetAccounts(idOfList.GetValueOrDefault());
var numberToReturn = Math.Min(number, followedAccounts.Count);
var followedAccountsToReturn = AccountsFromGuidCollection(followedAccounts, numberToReturn, Storage);
output = new Answer(followedAccountsToReturn);
}
}
catch (Exception exception)
{
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET : /list/owner/{idOfList}
public ActionResult Owner(Guid? idOfList)
{
Answer output;
try
{
if (idOfList == null)
{
output = new Answer(new Error("List id missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
// get accounts following a given list
var ownerId = Storage.List.GetOwner(idOfList.GetValueOrDefault());
var ownerInfo = Storage.Account.GetInfo(ownerId);
var ownerToReturn = new Account(ownerId, ownerInfo.Name, ownerInfo.Description);
output = new Answer(ownerToReturn);
}
}
catch (Exception exception)
{
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET : /list/messages/{idOfList}/{number}
public ActionResult Messages(Guid? idOfList, int number)
{
Answer output;
try
{
if (idOfList == null)
{
output = new Answer(new Error("List id missing"));
Response.StatusCode = 400; // Bad Request
}
else
{
// get lasts messages from list defined by idOfList
var listMsgs = Storage.Msg.GetListsMsgTo(new HashSet<Guid> {idOfList.GetValueOrDefault()},
DateTime.Now, number);
// convert, looking forward XML serialization
var listMsgsOutput = new Messages(listMsgs, Storage);
output = new Answer(listMsgsOutput);
}
}
catch (Exception exception)
{
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
//
// GET : /user/maininfo
// The user you get the info depends on who you are according to authentication
public ActionResult MainInfo()
{
Answer output;
try
{
// Key must be sent in a cookie
var keyCookie = Request.Cookies.Get("key");
if (keyCookie == null)
output = new Answer(new Error("No key cookie was sent"));
else
{
var userId = (new ApiKeyAuth(Storage, new Guid(keyCookie.Value))).Authenticate();
var userInfo = Storage.User.GetInfo(userId);
var userToReturn = new User(userInfo, userId);
output = new Answer(userToReturn);
}
}
catch (AuthFailedException)
{
output = new Answer(new Error("Authentication failed"));
}
catch (Exception exception)
{
// Result is an non-empty error XML element
output = new Answer(HandleError(exception));
}
return Serialize(output);
}
